# 4.14.0-0.okd-2023-12-01-225814

Created: 2023-12-02 08:09:19 +0000 UTC

Image Digest: `sha256:4510c50834c07e71521a68c021320b5e44978245c8031a858f74328e54e89e1c`

Promoted from registry.ci.openshift.org/origin/release:4.14.0-0.okd-2023-12-01-225814


## Changes from 4.14.0-0.okd-2023-11-14-101924

### Components

* Kubernetes upgraded from 1.27.6 to 1.27.8
* Fedora CoreOS 38.20231027.3


### Rebuilt images without code change

* [agent-installer-api-server](https://github.com/openshift/assisted-service) git [4e1a1e59](https://github.com/openshift/assisted-service/commit/4e1a1e59cef06c75a9a09f6251ecbd19eecb8be5) `sha256:2877e3d7bce9296c4c1ddbf0566eea11fd66afde76afe650137c5c1b0c7146c8`
* [agent-installer-node-agent](https://github.com/openshift/assisted-installer-agent) git [e438a5e9](https://github.com/openshift/assisted-installer-agent/commit/e438a5e93d2b08ba670acf742c0f1c6ad44ab92b) `sha256:85c91f106917d5b81514f5bffc604ff42d38a75c70dc3f2e621b3177d73828ef`
* [agent-installer-utils](https://github.com/openshift/agent-installer-utils) git [ad853769](https://github.com/openshift/agent-installer-utils/commit/ad8537697818870b53b6262041f0dfa78a3b41c2) `sha256:489284071d0c2589438a8ac95f59d0c771036e9b568d53bccc67429f6b3e74f2`
* [cluster-kube-apiserver-operator](https://github.com/openshift/cluster-kube-apiserver-operator) git [d52dbad1](https://github.com/openshift/cluster-kube-apiserver-operator/commit/d52dbad1177fdb0d27077be5b6e8d9fe0d41b30e) `sha256:1ac6f833450ec97e93a9fb67b2068c91606a0221f24eea7812ed449e8fe860ce`


### [agent-installer-csr-approver, agent-installer-orchestrator](https://github.com/openshift/assisted-installer/tree/02dc1175d8d1278f94287d14899c66344cef9174)

* [OCPBUGS-20049](https://issues.redhat.com/browse/OCPBUGS-20049): Remove uninitialized taint for agent-based installs (#753) [#753](https://github.com/openshift/assisted-installer/pull/753)
* [Full changelog](https://github.com/openshift/assisted-installer/compare/9fd99e3861fc32b8a608bb0c81344435e32ad004...02dc1175d8d1278f94287d14899c66344cef9174)


### [alibaba-disk-csi-driver-operator](https://github.com/openshift/alibaba-disk-csi-driver-operator/tree/2ac2780e6b09d8b11a2064b8f7d1c5e946768343)

* [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#71](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/71)
* [Full changelog](https://github.com/openshift/alibaba-disk-csi-driver-operator/compare/7e0204aeee1770a98afb7ace4f3ccb5568c906e8...2ac2780e6b09d8b11a2064b8f7d1c5e946768343)


### [aws-ebs-csi-driver-operator](https://github.com/openshift/aws-ebs-csi-driver-operator/tree/8dac7fcdc597614acc5969a8d152ead2a28b9ad4)

* [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#296](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/296)
* [Full changelog](https://github.com/openshift/aws-ebs-csi-driver-operator/compare/024bec5b1d318b874fd93d6e57018467d26333d1...8dac7fcdc597614acc5969a8d152ead2a28b9ad4)


### [aws-pod-identity-webhook](https://github.com/openshift/aws-pod-identity-webhook/tree/ad7aa0ae2c85eca233fbe1afc35e64452a880a1c)

* [OCPBUGS-21761](https://issues.redhat.com/browse/OCPBUGS-21761): Backport the recent rebase to 4.14 [#168](https://github.com/openshift/aws-pod-identity-webhook/pull/168)
* [Full changelog](https://github.com/openshift/aws-pod-identity-webhook/compare/3aa931a62aba6d245d7411e83709820dc8636ede...ad7aa0ae2c85eca233fbe1afc35e64452a880a1c)


### [azure-cloud-controller-manager, azure-cloud-node-manager](https://github.com/openshift/cloud-provider-azure/tree/f0e7cbbcf37fb44c34a192ecffaf40a6639c8bea)

* [OCPBUGS-21439](https://issues.redhat.com/browse/OCPBUGS-21439): Bump golang.org/x/net to v0.18.0 [#93](https://github.com/openshift/cloud-provider-azure/pull/93)
* [Full changelog](https://github.com/openshift/cloud-provider-azure/compare/cca9a841e807dd87708b82562fc5f376ed2f274c...f0e7cbbcf37fb44c34a192ecffaf40a6639c8bea)


### [baremetal-installer, installer, installer-artifacts, ovirt-installer](https://github.com/openshift/installer/tree/82051a1c3d42e394be353bbe2eacf348ccb75970)

* [OCPBUGS-22688](https://issues.redhat.com/browse/OCPBUGS-22688): Bump Fedora CoreOS to latest stable [#7647](https://github.com/openshift/installer/pull/7647)
* [OCPBUGS-22774](https://issues.redhat.com/browse/OCPBUGS-22774): Add KMS encryption keys if provided [#7659](https://github.com/openshift/installer/pull/7659)
* [Full changelog](https://github.com/openshift/installer/compare/cebc8ab0fd6f8b66197f5a4e058ea4913dbb587c...82051a1c3d42e394be353bbe2eacf348ccb75970)


### [baremetal-runtimecfg](https://github.com/openshift/baremetal-runtimecfg/tree/4b7c64bd91deabdba2c87a22c70f87ab2f7c2e6f)

* [OCPBUGS-23474](https://issues.redhat.com/browse/OCPBUGS-23474): Use shorter IP label for keepalived VIP [#288](https://github.com/openshift/baremetal-runtimecfg/pull/288)
* [Full changelog](https://github.com/openshift/baremetal-runtimecfg/compare/e7fa0f25f9fb18253f948f08939d0766b6a880a2...4b7c64bd91deabdba2c87a22c70f87ab2f7c2e6f)


### [cloud-credential-operator](https://github.com/openshift/cloud-credential-operator/tree/549cff9de8bc7a7bcf12eaa286bac04a7fc0b2f7)

* [OCPBUGS-23986](https://issues.redhat.com/browse/OCPBUGS-23986): Use per-project custom roles instead of per-cluster custom roles [#631](https://github.com/openshift/cloud-credential-operator/pull/631)
* [OCPBUGS-23426](https://issues.redhat.com/browse/OCPBUGS-23426): Explicitly set the vsphere secret credential data on sync. [#629](https://github.com/openshift/cloud-credential-operator/pull/629)
* [OCPBUGS-21388](https://issues.redhat.com/browse/OCPBUGS-21388): Upgrade golang/x/net for CVE-2023-39325 [#622](https://github.com/openshift/cloud-credential-operator/pull/622)
* [Full changelog](https://github.com/openshift/cloud-credential-operator/compare/e70c0de19da0f7db7a36b17ac8378c13d8146a70...549cff9de8bc7a7bcf12eaa286bac04a7fc0b2f7)


### [cluster-baremetal-operator](https://github.com/openshift/cluster-baremetal-operator/tree/270579c644f97dd9f2e8e771c939833ffee1dd3e)

* [OCPBUGS-23392](https://issues.redhat.com/browse/OCPBUGS-23392), [OCPBUGS-23393](https://issues.redhat.com/browse/OCPBUGS-23393): fix IRONIC_EXTERNAL_URL_V6 [#384](https://github.com/openshift/cluster-baremetal-operator/pull/384)
* [Full changelog](https://github.com/openshift/cluster-baremetal-operator/compare/582b74599d11324ff0927dcb6b2b5fee5f69c106...270579c644f97dd9f2e8e771c939833ffee1dd3e)


### [cluster-cloud-controller-manager-operator](https://github.com/openshift/cluster-cloud-controller-manager-operator/tree/c10ac3773e44951bb3dbcf2b30c9b93818d78fd0)

* [OCPBUGS-21189](https://issues.redhat.com/browse/OCPBUGS-21189): Bump golang.org/x/net to v0.18.0 [#295](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/295)
* [Full changelog](https://github.com/openshift/cluster-cloud-controller-manager-operator/compare/785ecefecd0ae3690d8b79ec916a4075ed3b382e...c10ac3773e44951bb3dbcf2b30c9b93818d78fd0)


### [cluster-csi-snapshot-controller-operator](https://github.com/openshift/cluster-csi-snapshot-controller-operator/tree/73dc400fbbbd7dc131c98199e3b5c5cac957ee83)

* [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#174](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/174)
* [Full changelog](https://github.com/openshift/cluster-csi-snapshot-controller-operator/compare/5d8bae88fdceefd3cc6e9befe3da641839403d9c...73dc400fbbbd7dc131c98199e3b5c5cac957ee83)


### [cluster-etcd-operator](https://github.com/openshift/cluster-etcd-operator/tree/e29f97d93ca1c4fa423b871ad7f1b73bd64ed1d0)

* Revert "[release-4.14] OCPBUGS-21802: remove revision stability check from bootstrap complet…" [#1168](https://github.com/openshift/cluster-etcd-operator/pull/1168)
* [Full changelog](https://github.com/openshift/cluster-etcd-operator/compare/6bc9eabed8465234b1566cf001b6215e267abff5...e29f97d93ca1c4fa423b871ad7f1b73bd64ed1d0)


### [cluster-machine-approver](https://github.com/openshift/cluster-machine-approver/tree/8bf6e7c04fe8ac3f891e8ee1672f4e17b97572dc)

* [OCPBUGS-23150](https://issues.redhat.com/browse/OCPBUGS-23150): Filter non node CSRs in metrics [#209](https://github.com/openshift/cluster-machine-approver/pull/209)
* [Full changelog](https://github.com/openshift/cluster-machine-approver/compare/926c90484d0062f77a51bac0174a759b2d1991f1...8bf6e7c04fe8ac3f891e8ee1672f4e17b97572dc)


### [cluster-monitoring-operator](https://github.com/openshift/cluster-monitoring-operator/tree/94ddd62daa1ed729055e97b76e07745aa02098fd)

* [OCPBUGS-21473](https://issues.redhat.com/browse/OCPBUGS-21473): Set the new --disable-http2 flag for prometheus-adapter to disable HTTP2 [#2147](https://github.com/openshift/cluster-monitoring-operator/pull/2147)
* [Full changelog](https://github.com/openshift/cluster-monitoring-operator/compare/73745ed81d0fa079639d8febbf26deb0a27b50be...94ddd62daa1ed729055e97b76e07745aa02098fd)


### [cluster-network-operator](https://github.com/openshift/cluster-network-operator/tree/73a1db2e64e320fd2584b85c68c0bc8bfe6010cc)

* [OCPBUGS-22363](https://issues.redhat.com/browse/OCPBUGS-22363): Added HCP label to CNO pods [#2081](https://github.com/openshift/cluster-network-operator/pull/2081)
* [OCPBUGS-22286](https://issues.redhat.com/browse/OCPBUGS-22286): hypershift: adjust backoff on infrastructure name retry [#2078](https://github.com/openshift/cluster-network-operator/pull/2078)
* [OCPBUGS-23011](https://issues.redhat.com/browse/OCPBUGS-23011): Block upgrades to 4.15 with Kuryr [#2096](https://github.com/openshift/cluster-network-operator/pull/2096)
* [OCPBUGS-23315](https://issues.redhat.com/browse/OCPBUGS-23315): set automountServiceAccountToken to false for hypershift managed network-node-identity deploy [#2107](https://github.com/openshift/cluster-network-operator/pull/2107)
* [Full changelog](https://github.com/openshift/cluster-network-operator/compare/1504d2a16032cd3637f5c9a338f8f48a82614cca...73a1db2e64e320fd2584b85c68c0bc8bfe6010cc)


### [cluster-node-tuning-operator](https://github.com/openshift/cluster-node-tuning-operator/tree/ab65a089808ee9d1074d3c3d9bde11cff31b5e37)

* [OCPBUGS-21845](https://issues.redhat.com/browse/OCPBUGS-21845): e2e:rps: improve logging (#831) [#831](https://github.com/openshift/cluster-node-tuning-operator/pull/831)
* render: change dir path (#826) [#826](https://github.com/openshift/cluster-node-tuning-operator/pull/826)
* [Full changelog](https://github.com/openshift/cluster-node-tuning-operator/compare/9669c589ed742813a59b54028daae3972b51c6ee...ab65a089808ee9d1074d3c3d9bde11cff31b5e37)


### [cluster-openshift-controller-manager-operator](https://github.com/openshift/cluster-openshift-controller-manager-operator/tree/77e0d6a07854665a7e9c8458db67e25d02da934a)

* [OCPBUGS-23490](https://issues.redhat.com/browse/OCPBUGS-23490): Remove blockage of ConfigObserver by build informer has synced flag [#318](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/318)
* [Full changelog](https://github.com/openshift/cluster-openshift-controller-manager-operator/compare/04cec68a4cd060be0f324db5d30f02476a85d20e...77e0d6a07854665a7e9c8458db67e25d02da934a)


### [cluster-storage-operator](https://github.com/openshift/cluster-storage-operator/tree/d212f20b9b2c639384baef9879af149ac259c014)

* [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#416](https://github.com/openshift/cluster-storage-operator/pull/416)
* [OCPBUGS-23210](https://issues.redhat.com/browse/OCPBUGS-23210): [IBM ROKS] cluster-storage-operator does not set upgradeable=True [#419](https://github.com/openshift/cluster-storage-operator/pull/419)
* [Full changelog](https://github.com/openshift/cluster-storage-operator/compare/dbb1514dbf9923c56a4a198374cc59e45f9bc0cc...d212f20b9b2c639384baef9879af149ac259c014)


### [cluster-update-keys](https://github.com/openshift/cluster-update-keys/tree/e0c26a084139906e866d9eec89f05d2d3211b334)

* [OCPBUGS-10126](https://issues.redhat.com/browse/OCPBUGS-10126): Updating ose-agent-installer-orchestrator images to be consistent with ART [#48](https://github.com/openshift/cluster-update-keys/pull/48)
* [Full changelog](https://github.com/openshift/cluster-update-keys/compare/9dd3eedebc62725e806d7b52d640b70e61a96f98...e0c26a084139906e866d9eec89f05d2d3211b334)


### [console](https://github.com/openshift/console/tree/4c3b612fa659a61a534bd858a509cccabfdcdd4c)

* [OCPBUGS-23423](https://issues.redhat.com/browse/OCPBUGS-23423): Cannot Edit Shipwright Build [#13343](https://github.com/openshift/console/pull/13343)
* [Full changelog](https://github.com/openshift/console/compare/60b4100a67a915c3bb6345f14815354a17da938c...4c3b612fa659a61a534bd858a509cccabfdcdd4c)


### [fedora-coreos, machine-os-content, okd-rpms](https://github.com/openshift/okd-machine-os/tree/06633e25633fd15afd703729f1138cbe34f45995)

* Dockerfile: use previous machine-os-content as a base [#703](https://github.com/openshift/okd-machine-os/pull/703)
* Unpin kernel [#699](https://github.com/openshift/okd-machine-os/pull/699)
* Bump FCOS version [#695](https://github.com/openshift/okd-machine-os/pull/695)
* [Full changelog](https://github.com/openshift/okd-machine-os/compare/7cf8e812932b95074ad812b2f2f85165319dbaa3...06633e25633fd15afd703729f1138cbe34f45995)


### [gcp-cloud-controller-manager](https://github.com/openshift/cloud-provider-gcp/tree/09e96a91c4c95e4f8a3d77bae81875c570dd9e3c)

* [OCPBUGS-21321](https://issues.redhat.com/browse/OCPBUGS-21321): Bump golang.org/x/net to v0.18.0 [#42](https://github.com/openshift/cloud-provider-gcp/pull/42)
* [Full changelog](https://github.com/openshift/cloud-provider-gcp/compare/37deba9d5cc01f1d0cfe741b3996b0474d5ef84e...09e96a91c4c95e4f8a3d77bae81875c570dd9e3c)


### [gcp-pd-csi-driver-operator](https://github.com/openshift/gcp-pd-csi-driver-operator/tree/b39caeae907ca5c43e331a66b4ebe112d604f174)

* [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#96](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/96)
* [Full changelog](https://github.com/openshift/gcp-pd-csi-driver-operator/compare/92376a4b846366ae3c7a61e5af895e3221d09703...b39caeae907ca5c43e331a66b4ebe112d604f174)


### [hyperkube, pod](https://github.com/openshift/kubernetes/tree/19254894103e33e65a58dee1337912acc9813e84)

* [OCPBUGS-23566](https://issues.redhat.com/browse/OCPBUGS-23566): Update to kubernetes 1.27.8 [#1808](https://github.com/openshift/kubernetes/pull/1808)
* [OCPBUGS-23286](https://issues.redhat.com/browse/OCPBUGS-23286): UPSTREAM: 121881: Use golang library instead of mklink [#1801](https://github.com/openshift/kubernetes/pull/1801)
* [Full changelog](https://github.com/openshift/kubernetes/compare/b49f9d1356bca4e8dd206a3b019184beffd88153...19254894103e33e65a58dee1337912acc9813e84)


### [hypershift](https://github.com/openshift/hypershift/tree/6fb4e2524a164bb23d565c442d1e977110f5c03a)

* [HOSTEDCP-1318](https://issues.redhat.com/browse/HOSTEDCP-1318): external OIDC enablement [#3261](https://github.com/openshift/hypershift/pull/3261)
* [OCPBUGS-23747](https://issues.redhat.com/browse/OCPBUGS-23747): Added brackets to IPv6 KAS address on kubeconfig [#3228](https://github.com/openshift/hypershift/pull/3228)
* [OCPBUGS-24063](https://issues.redhat.com/browse/OCPBUGS-24063): fix(cpo): Set restart annotation on network-node-identity [#3248](https://github.com/openshift/hypershift/pull/3248)
* release-4.14, HOSTEDCP-1315:  Improve NodePool CPU arch & platform check [#3236](https://github.com/openshift/hypershift/pull/3236)
* [OCPBUGS-22676](https://issues.redhat.com/browse/OCPBUGS-22676): Make the OLMCatalogPlacement field immutable [#3143](https://github.com/openshift/hypershift/pull/3143)
* [OCPBUGS-23558](https://issues.redhat.com/browse/OCPBUGS-23558): Let router use svc ips 4.14 [#3221](https://github.com/openshift/hypershift/pull/3221)
* [OCPBUGS-19678](https://issues.redhat.com/browse/OCPBUGS-19678): Remove cluster name validation from HCC [#3040](https://github.com/openshift/hypershift/pull/3040)
* "[release-4.14] CNV-35326: unsupported escape hatch mechanism custom HS/KV vms" [#3202](https://github.com/openshift/hypershift/pull/3202)
* [OCPBUGS-23027](https://issues.redhat.com/browse/OCPBUGS-23027): Configure HSTS for kube-apiserver [#3169](https://github.com/openshift/hypershift/pull/3169)
* NO-JIRA: chore(deps): update rhtap references (release-4.14) [#3085](https://github.com/openshift/hypershift/pull/3085)
* [Full changelog](https://github.com/openshift/hypershift/compare/b78dd45cac8a4b2434b52c4398f230e0d1c17ea3...6fb4e2524a164bb23d565c442d1e977110f5c03a)


### [ibm-vpc-block-csi-driver-operator](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/tree/504fbad135ee976d8b5baa846e9da46607262b46)

* [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#91](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/91)
* [Full changelog](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/compare/faf68eda7983c9e4c6cab158b067fe73ea594173...504fbad135ee976d8b5baa846e9da46607262b46)


### [ibmcloud-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-ibmcloud/tree/c62bc9d9dc7d5b9918694d67e1a521cc1d36b55f)

* [OCPBUGS-21436](https://issues.redhat.com/browse/OCPBUGS-21436): Bump golang.org/x/net to v0.18.0 [#63](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/63)
* [Full changelog](https://github.com/openshift/cluster-api-provider-ibmcloud/compare/a7e5c6a5b96a3851d1807d4c3f80113a47a4e54d...c62bc9d9dc7d5b9918694d67e1a521cc1d36b55f)


### [insights-operator](https://github.com/openshift/insights-operator/tree/7f61093be2002697568476e402d3f668d9ac5313)

* [OCPBUGS-22958](https://issues.redhat.com/browse/OCPBUGS-22958): adds cluster storageclasses gather (#858) (#865) [#858](https://github.com/openshift/insights-operator/pull/858)
* [Full changelog](https://github.com/openshift/insights-operator/compare/e0f175b294d739df77074b97a98b9987023903fd...7f61093be2002697568476e402d3f668d9ac5313)


### [ironic](https://github.com/openshift/ironic-image/tree/43a83afa4d1cd7a04da805c1178421a045ecccc7)

* [OCPBUGS-23505](https://issues.redhat.com/browse/OCPBUGS-23505): Uplift eventlet version [#426](https://github.com/openshift/ironic-image/pull/426)
* [OCPBUGS-23354](https://issues.redhat.com/browse/OCPBUGS-23354): Upgrade markupsafe and werkzeug dependencies [#421](https://github.com/openshift/ironic-image/pull/421)
* [Full changelog](https://github.com/openshift/ironic-image/compare/5ec3ad0af7e7d29c409a3b14b20117144a0725c2...43a83afa4d1cd7a04da805c1178421a045ecccc7)


### [ironic-agent](https://github.com/openshift/ironic-agent-image/tree/979149f6171a232355564ebc63dd258390b29c20)

* [OCPBUGS-23751](https://issues.redhat.com/browse/OCPBUGS-23751): Update packages with latest fixes [#96](https://github.com/openshift/ironic-agent-image/pull/96)
* [Full changelog](https://github.com/openshift/ironic-agent-image/compare/ed6e12a62fc40fc450ad394034769cc734acb5e5...979149f6171a232355564ebc63dd258390b29c20)


### [kube-proxy, sdn](https://github.com/openshift/sdn/tree/1a9befcb519d0b6c6a0907d514493f1d88aacf45)

* [OCPBUGS-20790](https://issues.redhat.com/browse/OCPBUGS-20790): update x/net to v0.17.0 [#587](https://github.com/openshift/sdn/pull/587)
* [Full changelog](https://github.com/openshift/sdn/compare/128c28c6f6d1078627c452afc867b492894e0ac4...1a9befcb519d0b6c6a0907d514493f1d88aacf45)


### [machine-api-operator](https://github.com/openshift/machine-api-operator/tree/6b62c759612880bcc80c67c01ac1db5c9576a288)

* [OCPBUGS-24047](https://issues.redhat.com/browse/OCPBUGS-24047): Use docs URL instead of KCS article [#1180](https://github.com/openshift/machine-api-operator/pull/1180)
* [Full changelog](https://github.com/openshift/machine-api-operator/compare/e8e6a66b620e9f57262e96a599da0298fe7e858b...6b62c759612880bcc80c67c01ac1db5c9576a288)


### [machine-config-operator](https://github.com/openshift/machine-config-operator/tree/612c6f6bfa3ca777f9f1e260596b801c3e66375f)

* [OCPBUGS-23474](https://issues.redhat.com/browse/OCPBUGS-23474): Use shorter IP label for keepalived VIP [#4041](https://github.com/openshift/machine-config-operator/pull/4041)
* [OCPBUGS-23208](https://issues.redhat.com/browse/OCPBUGS-23208): workaround nmstate bug by configuring ipv{4,6} addresses [#4031](https://github.com/openshift/machine-config-operator/pull/4031)
* [Full changelog](https://github.com/openshift/machine-config-operator/compare/f57144e1ffc7904dd34722da07ccb471adaa8954...612c6f6bfa3ca777f9f1e260596b801c3e66375f)


### [multus-networkpolicy](https://github.com/openshift/multus-networkpolicy/tree/cd6eae10a368d23b94530cdc2a2c2f2356d8cc02)

* Update vendor package (#40) [#40](https://github.com/openshift/multus-networkpolicy/pull/40)
* [Full changelog](https://github.com/openshift/multus-networkpolicy/compare/2440eebf5a922691e0dd483bbcddf00e9f63eb16...cd6eae10a368d23b94530cdc2a2c2f2356d8cc02)


### [multus-whereabouts-ipam-cni](https://github.com/openshift/whereabouts-cni/tree/2e723a7a0dbb0bc1d3b18d219d8ff7f366110f91)

* [OCPBUGS-21518](https://issues.redhat.com/browse/OCPBUGS-21518): update golang.org/x/net to v0.17.0 [#207](https://github.com/openshift/whereabouts-cni/pull/207)
* [Full changelog](https://github.com/openshift/whereabouts-cni/compare/7e454367b5994241feb5dc713065508c5534f8f3...2e723a7a0dbb0bc1d3b18d219d8ff7f366110f91)


### [oauth-proxy](https://github.com/openshift/oauth-proxy/tree/a4a2f270a57af830508e8cef52d4c8d4f4dfba76)

* [OCPBUGS-20980](https://issues.redhat.com/browse/OCPBUGS-20980): go.mod: bump golang.org/x/net to v0.17.0 [#267](https://github.com/openshift/oauth-proxy/pull/267)
* [Full changelog](https://github.com/openshift/oauth-proxy/compare/55e0cd172625b3419c698014fa233e54021af9a3...a4a2f270a57af830508e8cef52d4c8d4f4dfba76)


### [oc-mirror](https://github.com/openshift/oc-mirror/tree/a9d1320cb1150a1aa25a2e67eb8bb2042fb8c9ac)

* skipping prune failure if manifest not found (#735) [#735](https://github.com/openshift/oc-mirror/pull/735)
* [Full changelog](https://github.com/openshift/oc-mirror/compare/d124cd5277ee9565f912aa6c0214e8d200f69cd6...a9d1320cb1150a1aa25a2e67eb8bb2042fb8c9ac)


### [olm-rukpak](https://github.com/openshift/operator-framework-rukpak/tree/9308d8bb9d14b098829f5bda3e0fd69ea17a30e1)

* [OCPBUGS-23358](https://issues.redhat.com/browse/OCPBUGS-23358): [release-4.14] Address http2 vulnerability [#53](https://github.com/openshift/operator-framework-rukpak/pull/53)
* [Full changelog](https://github.com/openshift/operator-framework-rukpak/compare/daa50736076ed6c207c57ef29d94cde6c7cdbdbd...9308d8bb9d14b098829f5bda3e0fd69ea17a30e1)


### [openshift-apiserver](https://github.com/openshift/openshift-apiserver/tree/a9364565cd3471a9b718a3274b35970269d20e09)

* : OCPBUGS-21464: Enable HTTP/2 CVE mitigation [#397](https://github.com/openshift/openshift-apiserver/pull/397)
* [Full changelog](https://github.com/openshift/openshift-apiserver/compare/8e1cc19354fb9caa57a454f7fa3f883e73252083...a9364565cd3471a9b718a3274b35970269d20e09)


### [operator-lifecycle-manager, operator-registry](https://github.com/openshift/operator-framework-olm/tree/427c2db7b6ba237584c86d643551dd3037d682a1)

* [OCPBUGS-20829](https://issues.redhat.com/browse/OCPBUGS-20829): [releaser-4.14] Fix apiserver vulnerability [#608](https://github.com/openshift/operator-framework-olm/pull/608)
* [OCPBUGS-23212](https://issues.redhat.com/browse/OCPBUGS-23212): Do not derive installplan.spec.clusterServiceNames from bundle IDs [#607](https://github.com/openshift/operator-framework-olm/pull/607)
* [OCPBUGS-18904](https://issues.redhat.com/browse/OCPBUGS-18904): [release-4.14] Improve Leader Election Hand Off [#605](https://github.com/openshift/operator-framework-olm/pull/605)
* [OCPBUGS-23508](https://issues.redhat.com/browse/OCPBUGS-23508): [release-4.14] Use generated namespaces in e2e tests [#614](https://github.com/openshift/operator-framework-olm/pull/614)
* [Full changelog](https://github.com/openshift/operator-framework-olm/compare/48d154144cf2be7ef40d83e78dd2e724a0cf3fb2...427c2db7b6ba237584c86d643551dd3037d682a1)


### [tests](https://github.com/openshift/origin/tree/661425bdbe1f6fcec2c37ee482b8e4f2b3abe38a)

* Revert "[release-4.14] OCPBUGS-22720: Use Centos 8 Stream mysql image in tests" [#28368](https://github.com/openshift/origin/pull/28368)
* [OCPBUGS-23042](https://issues.redhat.com/browse/OCPBUGS-23042): tolerate AWS edge nodes on monitor tests [#28387](https://github.com/openshift/origin/pull/28387)
* [Full changelog](https://github.com/openshift/origin/compare/8f6b619704c00fcc6418e0934065d30d18d3396d...661425bdbe1f6fcec2c37ee482b8e4f2b3abe38a)


### [thanos](https://github.com/openshift/thanos/tree/a26712509e3f9c511926ca9d8bba3e3ea8e95ada)

* [OCPBUGS-22636](https://issues.redhat.com/browse/OCPBUGS-22636): Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.42.0 to 0.44.0 [#130](https://github.com/openshift/thanos/pull/130)
* [Full changelog](https://github.com/openshift/thanos/compare/175a63002855e7a3f4f5cd49c90680c41be181d8...a26712509e3f9c511926ca9d8bba3e3ea8e95ada)


### [vsphere-cloud-controller-manager](https://github.com/openshift/cloud-provider-vsphere/tree/b04567f77273f6c338ece9fda29c0a65297130d5)

* [OCPBUGS-21520](https://issues.redhat.com/browse/OCPBUGS-21520): Bump golang.org/x/net to v0.18.0 [#54](https://github.com/openshift/cloud-provider-vsphere/pull/54)
* [Full changelog](https://github.com/openshift/cloud-provider-vsphere/compare/a24e1713cb61b7a56482fb0a23eb94b642fbeb78...b04567f77273f6c338ece9fda29c0a65297130d5)


### [vsphere-csi-driver-operator](https://github.com/openshift/vmware-vsphere-csi-driver-operator/tree/f46e4b57a7e96016b68d0c01f41d869ec1a1ffc8)

* [OCPBUGS-22430](https://issues.redhat.com/browse/OCPBUGS-22430): disable http/2 server support in webhook [#182](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/182)
* [Full changelog](https://github.com/openshift/vmware-vsphere-csi-driver-operator/compare/f7afb6462c79317cc53c621084640860a4351788...f46e4b57a7e96016b68d0c01f41d869ec1a1ffc8)


### [vsphere-problem-detector](https://github.com/openshift/vsphere-problem-detector/tree/db5e66c6ff913207b2286db21c3da9d440fb0be9)

* [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#138](https://github.com/openshift/vsphere-problem-detector/pull/138)
* [Full changelog](https://github.com/openshift/vsphere-problem-detector/compare/6b359ea5b69636a00cfd5c4f81f0279cfd41401a...db5e66c6ff913207b2286db21c3da9d440fb0be9)